Method and apparatus for enhancing computer system security
Abstract
A security enhanced computer system arrangement includes a coprocessor and a multiprocessor logic controller inserted into the architecture of a conventional computer system. The coprocessor and multiprocessor logic controller is interposed between the CPU of the conventional computer system to intercept and replace control signals that are passed over certain of the critical control signal lines associated with the CPU. The multiprocessor logic controller arrangement thereby isolates the CPU of the conventional computer system from the remainder of the conventional computer system, permitting separate control over the CPU and separate control over the remainder of the computer system. By controlling the control signals that are normally passed between the CPU and the remainder of the computer system, the multiprocessor logic controller permits the coprocessor to perform highly secure operations. These secure operations, selectable by a trusted operator or built in to a cooperating operating system, verify that the computer system is a trusted computing base which can be relied upon to perform its operations properly and without compromise.
119 Citations
42 Claims
1. In a computer system including a central processor unit, said central processor being plugged into a first socket on a first circuit board, said central processor unit having respective address signals, data signals and a plurality of control signals coupled thereto through said first socket, said plurality of control signals provided to/from said central processor unit on a respective plurality of control signal lines including a first control signal line being one of said respective plurality of control signal lines, said first control signal line including a first control signal, a method for enhancing the security of said computer system, said method comprising:
removing said central processor unit from said first socket;
replacing said central processor by plugging a module into said first socket, said module further having a second socket substantially identical to said first socket;
plugging said central processor unit into said second socket on said module; and
intercepting said first control signal.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
disconnecting said first control signal line from said central processor unit;
substituting a second control signal to/from said central processor unit in place of said first control signal by interposing said second control signal on said first control signal line.
3. A method in accordance with claim 1, wherein said first control signal is a clock signal.
4. A method in accordance with claim 1, wherein said first control signal is an interrupt signal.
5. A method in accordance with claim 1, wherein said first control signal is a write strobe signal.
6. A method in accordance with claim 1, wherein said first control signal is a read strobe signal.
7. A method in accordance with claim 1, wherein said first control signal is a data ready signal.
8. A method in accordance with claim 1, wherein said module comprises a multi-chip module.
9. A method in accordance with claim 1, wherein said module comprises an Application Specific Integrated Circuit (ASIC) module.
10. A method for providing computer security, comprising the steps of:
providing a first processor having a plurality of terminals for receiving a first plurality of control signals coupled thereto;
providing a second processor;
preventing, with a multiprocessor logic controller, reception of at least one of said first plurality of control signals by said first processor and substituting at least one of a second plurality of control signals in place of said one of said first plurality of control signals, and selectively enabling said first processor and said second processor, respectively, wherein, during said preventing reception, said multiprocessor logic controller assigns a second memory address space to said second processor and a first memory address space to said first processor, and wherein said second memory address space is non-accessible to said first processor.
Dependent claims: 11, 12, 13, 14, 15
16. A multiple processor system comprising:
a first processor having a plurality of terminals for receiving a first plurality of control signals coupled thereto;
a second processor;
a multiprocessor logic controller for preventing reception of at least one of said first plurality of control signals by said first processor and for substituting at least one of a second plurality of control signals in place of said one of said first plurality of control signals, and for selectively enabling said first processor and said second processor, respectively, wherein, during said preventing reception, said multiprocessor logic controller assigns a second memory address space to said second processor and a first memory address space to said first processor, and wherein said second memory address space is non-accessible to said first processor;
wherein said first processor, said second processor and said multiprocessor logic controller are integrated on a system common motherboard.
17. In a computer system including a memory and a central processor unit, said central processor unit having respective address signals, data signals and a plurality of control signals coupled thereto, said plurality of control signals provided to/from said central processor unit on a respective plurality of control signal lines including a first control signal line being one of said plurality of control signal lines, said first control signal line including a first control signal, said computer system having at least one critical program area stored in said memory, a method for enhancing the security of said computer system, said method comprising:
providing a second processor having an associated logic controller;
detecting start up of said computer system;
capturing control of said central processing unit by halting said central processor unit in response to said step of detecting start up of said computer system;
wherein said halting step includes sending a hold signal to said central processor unit from said logic controller; and
wherein, in response to said hold signal, said central processor unit places one or more circuits associated with the central processor unit into a high impedance state;
verifying a first critical program area in said memory with said second processor;
releasing control of said central processor unit by said logic controller to run said critical program if said first critical program area is verified;
wherein said second processor, said logic controller, and operation of circuitry associated with said second processor and said logic controller are invisible to all other portions of said computer system, with the exception of a BIOS extension associated with said logic controller, subsequent said step of releasing control.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29
intercepting said clock signal to said central processor unit.
21. A method in accordance with claim 17, wherein said step of capturing control of said central processor unit by said logic controller responsive to said step of detecting start up of said computer system comprises:
intercepting said first control signal.
22. A method in accordance with claim 21, wherein said step of intercepting said first control signal comprises:
redirecting said first control signal line from said central processor unit to said second processor thereby intercepting said first control signal; and
substituting a second control signal to/from said second processor in place of said first control signal.
23. A method in accordance with claim 22, wherein said step of releasing control of said central processor unit to run said critical program, includes the step of further redirecting said first control signal line such that control of said central processor unit is released by said logic controller.
24. A method in accordance with claim 17, wherein said step of capturing control of said central processor unit by said logic controller responsive to said step of detecting start up of said computer system comprises:
intercepting an interrupt vector address signal.
25. A method in accordance with claim 17, wherein said step of capturing control of said central processor unit by said logic controller responsive to said step of detecting start up of said computer system comprises:
intercepting a data strobe signal.
26. A method in accordance with claim 17, wherein said step of capturing control of said central processor unit by said logic controller responsive to said step of detecting start up of said computer system comprises:
intercepting an address strobe signal.
27. A method in accordance with claim 17, wherein said step of capturing control of said central processor unit by said logic controller responsive to said step of detecting start up of said computer system comprises:
intercepting a data ready signal.
28. A method in accordance with claim 17, wherein said step of detecting start up of said computer system comprises:
detecting power up of said computer system.
29. A method in accordance with claim 17, wherein said step of detecting start up of said computer system comprises:
detecting hard system reset of said computer system.
30. In a computer system including a memory and a central processor unit, said central processor unit having respective address signals, data signals and a plurality of control signals coupled thereto, said plurality of control signals provided to/from said central processor unit on a respective plurality of control signal lines including a first control signal line being one of said plurality of control signal lines, said first control signal line including a first control signal, said computer system having at least one critical program area stored in said memory, an apparatus for enhancing the security of said computer system, said apparatus comprising:
a second processor having an associated logic controller;
means for detecting start up of said computer system;
wherein the logic controller captures control of said central processing unit by halting said central processor unit in response to said detecting start up of said computer system;
wherein said logic controller halts said central processor by sending a hold signal to said central processor unit; and
wherein, in response to said hold signal, said central processor unit places one or more circuits associated with the central processor unit into a high impedance state;
means for verifying a first critical program area in said memory with said second processor;
means for releasing control of said central processor unit by said logic controller to run said critical program if said first critical program area is verified;
wherein said second processor, said logic controller, and operation of circuitry associated with said second processor and said logic controller are invisible to all other portions of said computer system, with the exception of a BIOS extension associated with said logic controller, subsequent said releasing control.
Dependent claims: 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42
means for intercepting said clock signal to said central processor unit.
34. An apparatus in accordance with claim 30, further comprising:
means for intercepting said first control signal.
35. An apparatus in accordance with claim 30, further comprising:
means for redirecting said first control signal line from said central processor unit to said second processor thereby intercepting said first control signal; and
means for substituting a second control signal to/from said second processor in place of said first control signal.
36. An apparatus in accordance with claim 35, wherein said means for releasing control of said central processor unit to run said critical program, includes means for further redirecting said first control signal line such that control of said central processor unit is released by said logic controller.
37. An apparatus in accordance with claim 30, further comprising:
means for intercepting an interrupt vector address signal.
38. An apparatus in accordance with claim 30, further comprising:
means for intercepting a data strobe signal.
39. An apparatus in accordance with claim 30, further comprising:
means for intercepting an address strobe signal.
40. An apparatus in accordance with claim 30, further comprising:
means for intercepting a data ready signal.
41. An apparatus in accordance with claim 30, wherein said means for detecting start up of said computer system comprises:
means for detecting power up of said computer system.
42. An apparatus in accordance with claim 30, wherein said means for detecting start up of said computer system comprises:
means for detecting hard system reset of said computer system.
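The start-up sequence recited in claims 17 and 30 (detect start up, hold the central processor unit, verify a critical program area with the second processor, release only if verified) can be modeled as a small fail-closed state machine. This is an added example, not code from the patent; the state names, the `controller` structure and the FNV-1a digest standing in for the unspecified verification step are all assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of the claim-17 sequence; all names are hypothetical. */
enum state { ST_RESET, ST_CPU_HELD, ST_CPU_RUNNING, ST_LOCKED };

struct controller {
    enum state st;
    int hold;            /* hold signal driven to the CPU (1 = halted) */
    uint32_t reference;  /* expected digest, kept in coprocessor-only memory */
};

/* Stand-in integrity check (FNV-1a). The claims name no algorithm; this is
   an assumption, and a real design would use a cryptographic digest. */
uint32_t digest(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Power up or hard reset detected: capture the CPU by asserting hold. */
void on_startup(struct controller *c) {
    c->hold = 1;
    c->st = ST_CPU_HELD;
}

/* Second processor checks the critical program area while the CPU is held.
   Hold is dropped only on a match; any mismatch leaves the CPU halted. */
enum state verify_and_release(struct controller *c, const uint8_t *area, size_t n) {
    if (c->st != ST_CPU_HELD) return c->st;  /* verify only while the CPU is held */
    if (digest(area, n) == c->reference) { c->hold = 0; c->st = ST_CPU_RUNNING; }
    else c->st = ST_LOCKED;
    return c->st;
}

/* One full start-up: reset, capture, verify, then release or stay locked. */
enum state boot(struct controller *c, const uint8_t *area, size_t n) {
    c->st = ST_RESET;
    on_startup(c);
    return verify_and_release(c, area, n);
}

int main(void) {
    uint8_t area[] = "constructed critical program area";
    struct controller c = { ST_RESET, 0, digest(area, sizeof area) };
    printf("clean boot: %d\n", boot(&c, area, sizeof area));
    area[0] ^= 1;  /* constructed tampering between boots */
    printf("tampered boot: %d\n", boot(&c, area, sizeof area));
    return 0;
}
```

The ordering is the point: hold is asserted before verification starts and is cleared on exactly one path, so a failed or skipped check cannot leave the CPU running.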
Specification